Hello,
I spent some time thinking about what's missing to get DC going, and I
came up with 3 milestones. Here they are:
Milestone 1: proof of concept
- We show only data from @debian.org and @users.alioth.debian.org
accounts, which we can safely assume it can be made public without
asking first.
- We document how to build data mining scripts.
- We call for teams to start experimenting with sending data to the
site.
Milestone 2: moar data sources
(possibly taking advantage of the minidebconf in Cambridge)
- We lobby teams for setting up data mining scripts and posting data to
the site. We can help them set these up, but they should ultimately
be the responsibility of the teams themselves.
Milestone 3: moar identifiers
- Get more kinds of identifiers into the mix: emails, gpg fingerprints,
wiki names.
This needs figuring out both privacy requirements and integrity
requirements: we need to avoid to open trolling avenues, like sending
one silly bugreport a week as debiansux at ownyouftw.troll to get into
the list. Identifiers should be somehow tied to reputation that is
built up with constructive work: if one wants to have
debiansux at ownyouftw.troll end up in the list, they need to earn it
honestly.
Two possible ideas:
- one needs to have a gpg key with a trust path leading to the
strongly connected set;
- the initial opt-in is initiated with a mail from the Debian
Welcome Team, and they might decide to wait a bit and see when
they notice a suspicious identifier.
But really, different identifiers may have different requrements,
we'll see it when we get there. As data flows in from new data
sources, we should start getting some idea.
For example, emails in debian/changelog, since a DD signs for its
integrity, can be trusted differently than emails from the BTS, where
anyone can post.
- Identity management needs to be implemented, and this probably means
waiting until after the single signon sprint meeting that should
happen in January. Too much information is missing now to make good
tradeoffs.
Ciao,
Enrico
--
GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico at enricozini.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/newmaint-site/attachments/20131028/999f81a8/attachment.sig>